Vous avez reçu un message "Your GitLab account has been locked ..." ? Pas d'inquiétude : lisez cet article https://docs.gricad-pages.univ-grenoble-alpes.fr/help/unlock/

Commit 8f113e3b authored by Jonathan Schaeffer's avatar Jonathan Schaeffer
Browse files

reorganisation

parent cc968175
#+TITLE: Déploiement de ws-logstodb
Ce dépôt permet de gérer les déploiements de =ws-logstodb= (https://gricad-gitlab.univ-grenoble-alpes.fr/OSUG/RESIF/ws-logstodb)
* Secret
Le fichier =secrets.yaml= est généré avec l'outil SOPS et présent pour chaque overlay.
Le comportement de sops est configuré avec le fichier =.sops.yaml=.
* Déploiement
** En production
On reste simple et basiques :
: sops -d prod-secrets.yaml | kubectl apply -
: kubectl apply ws-logstodb-prod.yaml
** En préprod avec kustomize
Pour déployer l'application,
- choisir l'overlay (correspondant à un environnement d'exécution)
: cd overlays/preprod
- appliquer le secret dans k8s
: kubectl apply -f sercrets.yaml
- appliquer les ressources /kustomisées/
: kubectl apply -k .
* Mise à jour
Pour déployer une nouvelle image docker de l'application : choisir l'overlay et éditer le fichier =kustomization.yaml= en mettant à jour le champs =newTag=.
apiVersion: v1
kind: ConfigMap
metadata:
name: ws-logstodb-map
data:
database_uri: postgresql://baseuri
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
commonLabels:
app: ws-logstodb
environment: default
resources:
- ws-logstodb.yaml
- configMap.yaml
---
apiVersion: v1
kind: Service
metadata:
labels:
app: ws-logstodb
name: ws-logstodb-service
spec:
ports:
- port: 8000
protocol: TCP
targetPort: 8000
selector:
app: ws-logstodb
type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: ws-logstodb
name: ws-logstodb-deployment
spec:
replicas: 1
selector:
matchLabels:
app: ws-logstodb
template:
metadata:
labels:
app: ws-logstodb
spec:
containers:
- name: ws-logstodb
image: ws-logstodb-image-to-kustomize
ports:
- containerPort: 8000
protocol: TCP
env:
- name: DATABASE_URI
valueFrom:
configMapKeyRef:
name: ws-logstodb-map
key: database_uri
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: ws-logstodb-secrets
key: resifstatsPgpassword
---
apiVersion: v1
kind: Service
metadata:
labels:
app: ws-logstodb
name: ws-logstodb-service
spec:
ports:
- port: 8000
protocol: TCP
targetPort: 8000
selector:
app: ws-logstodb
type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ws-logstodb-ingress
labels:
app: ws-logstodb
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
rules:
- http:
paths:
- path: /wslogstodb/1/(.*)
pathType: Prefix
backend:
service:
name: ws-logstodb-service
port:
number: 8000
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ws-logstodb-ingress
annotations:
nginx.org/rewrites: "serviceName=ws-logstodb-service-preprod rewrite=/;"
spec:
rules:
- host: preprod.ws.resif.fr
http:
paths:
- path: /resif-private/ws-logstodb/1
backend:
serviceName: ws-logstodb-preprod
servicePort: 8000
nameSuffix: -preprod
commonLabels:
environment: preprod
bases:
- ../../base
images:
- name: ws-logstodb-image-to-kustomize
newName: gricad-registry.univ-grenoble-alpes.fr/osug/resif/ws-logstodb/ws-logstodb
newTag: fc496249
patches:
- ws-logstodb.yaml
- map.yaml
- ingress.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: ws-logstodb-map
data:
database_uri: postgresql://resifstats@resif-pgpreprod.u-ga.fr:5432/resifstats
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ws-logstodb-deployment
spec:
template:
spec:
containers:
- name: ws-logstodb
env:
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: ws-logstodb-secrets-preprod
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ws-logstodb-ingress
labels:
app: ws-logstodb
environment: production
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
spec:
rules:
- http:
paths:
- path: /logstodb/1/(.*)
pathType: Prefix
backend:
service:
name: ws-logstodb-service
port:
number: 8000
nameSuffix: -prod
commonLabels:
environment: production
bases:
- ../../base
images:
- name: ws-logstodb-image-to-kustomize
newName: gricad-registry.univ-grenoble-alpes.fr/osug/resif/ws-logstodb/ws-logstodb
newTag: fc496249
patches:
- ws-logstodb.yaml
- map.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: ws-logstodb-map
data:
database_uri: postgresql://resifstats@resif-pgprod.u-ga.fr:5432/resifstats
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ws-logstodb-deployment
spec:
template:
spec:
containers:
- name: ws-logstodb
env:
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: ws-logstodb-secrets-prod
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: ws-logstodb
environment: production
name: ws-logstodb-deployment
spec:
replicas: 1
selector:
matchLabels:
app: ws-logstodb
environment: production
template:
metadata:
labels:
app: ws-logstodb
environment: production
spec:
containers:
- name: ws-logstodb
image: gricad-registry.univ-grenoble-alpes.fr/osug/resif/ws-logstodb/ws-logstodb:fc496249
ports:
- containerPort: 8000
protocol: TCP
env:
- name: DATABASE_URI
value: postgresql://wslogstodb@resif-pgprod.u-ga.fr:5432/resifstats
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: ws-logstodb-secrets-prod
key: pgpassword
---
apiVersion: v1
kind: Service
metadata:
labels:
app: ws-logstodb
environment: production
name: ws-logstodb-service
spec:
type: ClusterIP
ports:
- port: 8000
selector:
app: ws-logstodb
environment: production
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ws-logstodb-ingress
labels:
app: ws-logstodb
environment: production
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
nginx.ingress.kubernetes.io/proxy-body-size: 15m # Permettre l'envoi de gros fichiers de logs
spec:
rules:
- http:
paths:
- path: /logstodb/1/(.*)
pathType: Prefix
backend:
service:
name: ws-logstodb-service
port:
number: 8000
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment